Vulnerability Details : CVE-2007-3872

Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.

Vulnerability category: Execute code

Published 2007-08-09 20:17:00

Updated 2017-07-29 01:32:36

Source MITRE

View at NVD, CVE.org

At least one public exploit which can be used to exploit this vulnerability exists!

Exploit prediction scoring system (EPSS) score for CVE-2007-3872

Probability of exploitation activity in the next 30 days: 93.66%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2007-3872

HP OpenView Operations OVTrace Buffer Overflow

Disclosure Date : 2007-08-09

exploit/windows/misc/hp_ovtrace

This module exploits a stack buffer overflow in HP OpenView Operations version A.07.50. By sending a specially crafted packet, a remote attacker may be able to execute arbitrary code. Authors: - MC <[email protected]>

More information

CVSS scores for CVE-2007-3872

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	[email protected]
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2007-3872

Products affected by CVE-2007-3872